Our chain of IT tools
Last updated: 2024-10-08
Originally posted: 2023-08-28
In this blog post, you’ll find a list of IT tools we use to run Titanium Birch.
This list is constantly evolving; this is just a snapshot in time (July 2024). We’ll update this post occasionally, especially when we add new tools.
We acknowledge that publishing this information is slightly risky from a cybersecurity perspective. After all, knowing which tools we use can save attackers time in constructing effective attack campaigns against us, whether they want to phish credentials or trick staff into installing malware.
Nevertheless, we’re pretty confident in our mitigations against such threats, so we’re publishing this post despite the risks.
We hope other investment firms will find this information valuable and that it gives job applicants a good sense of what it’s like to work here.
For securing our accounts and devices
Okta
We use Okta for single sign-on (SSO). SSO is fundamental to our cybersecurity.
Employees log into Okta using their YubiKey for phishing-proof authentication (read more about how we manage IT security threats). From there, they can log in to our other SaaS services.
Benefits of using an SSO service like Okta:
Security: Okta lets us use YubiKeys to better protect against phishing for many of the services we use.
Usability: Easier login. No need to create separate passwords for each service.
Efficiency: Onboarding and offboarding staff is much faster and more reliable. Okta gives us a central place to manage user accounts, saving the admin from manually logging into each SaaS service to add/remove users.
To any organisation that isn’t yet using SSO and YubiKeys: Our principal believes this is perhaps the single most effective thing you can do to reduce risk exposures to phishing.
1Password
1Password is a password manager and digital vault for securing secret information.
At Titanium Birch, we use 1Password to:
Create and store passwords for services that don’t support SSO
Store the verified bank account details of investment funds and other recipients of money transfers
Storing verified bank account information makes 1Password a key part of how we protect against being tricked into sending money to the wrong recipient (which we wrote about in our post about threat-modelling).
Kandji
Kandji manages our Apple devices. Our workstations only use Apple products, and we use Apple Business Manager to buy hardware that arrives pre-configured for use with Kandji. Every employee has a company-owned Macbook and iPhone, and many of our IT policies are automatically enforced using Kandji. For example, Kandji makes sure software updates are installed quickly, storage is encrypted, firewalls turned on, etc. It can also integrate with Okta to enforce policies such as allowing access to company SaaS services only from company hardware.
For collaboration
Google Workspace
We use Google Workspace (formerly Google Apps and G Suite), especially Gmail, Google Calendar, Google Docs, Google Sheets, Google Drive, and Google Meet.
Microsoft Office
For some investment-related tasks such as linking with Bloomberg, Google Sheets doesn’t meet our needs, so we fall back to the desktop version of Microsoft Excel, though in a relatively small set of use-cases. As explained in our approach to portfolio reporting, we try to use cloud-based workflows that don’t rely on spreadsheets.
Slack
We use Slack to streamline internal communication. Slack centralises our team’s conversations, integrates with other tools, and boosts productivity through organised channels and direct messaging.
We use WhatsApp for phone calls and sometimes for quick-and-simple messaging. We strictly separate work and personal affairs in all aspects of hardware, services, and data. Each staff member has a company-provided phone with an eSIM and WhatsApp account specifically for work on that device.
GoodTime
GoodTime is a calendar scheduling automation tool that simplifies scheduling meetings with people outside our firm.
We send the meeting invitee a link, they see a list of available times according to their timezone, select a slot, and then the system automatically schedules everyone’s calendars, complete with a video-conference link. GoodTime is highly configurable and saves a lot of time in coordinating schedules!
ChatGPT
We use it daily. There’s also PeterBot, a CustomGPT to help people self-reflect and prepare for their 1:1s with Peter.
Perdoo
We use Perdoo to track our OKRs and visualise our progress. Perdoo integrates with Slack for seamless check-ins and reporting.
Jira
Jira is our choice for project management. We follow Kanban principles in organising our teamwork. The book Making Work Visible: Exposing Time Theft to Optimize Work & Flow explains Kanban principles very well.
Confluence
Confluence helps organise our internal documentation.
For IT infrastructure, code, website, newsletter
Amazon Web Services (AWS)
AWS forms the backbone of our IT Infrastructure. We use it to build and run home-grown technology, such as the “glue” that connects our various systems for portfolio reporting. Where possible, we prefer to buy products and services from vendors. We build in-house only where we can’t find a vendor solution. AWS also makes it possible for us to standardise on using only Apple hardware for physical devices (and thus use Kandji as described above): in the few cases where we need to use Windows (such as for Bloomberg Terminal), we use AWS Workspaces to run cloud-based Windows virtual machines.
GitHub
Many of us use GitHub. It stores source code, manages versions, lets engineers collaborate, and runs software that tests the code and then deploys it to various environments in the cloud.
Squarespace
Squarespace is a website-building and hosting platform. We use it to run our website.
Substack
Substack is a publishing platform. We use it for our newsletter.
Zapier
Zapier helps string together multiple tools and create automated workflows.
Summary of tools
The tl;dr version of our tech stack:
For securing our accounts
Okta: Single sign-on (SSO)
1Password: Password manager
Kandji: Apple device management
For team collaboration
Google Workspace: Email, calendar, documents, video conferencing
Microsoft Office: Excel for desktop
Slack: Internal communications
WhatsApp: Phone calls, messaging
GoodTime: Calendar scheduling automation
ChatGPT
Perdoo: OKRs
Jira: Project management
Confluence: Internal documentation
For IT infrastructure, code, website, newsletter
AWS: IT Infrastructure
GitHub: Source code and CI/CD
Squarespace: Website
Substack: Newsletter
Zapier: Automated workflows
For talent acquisition and HR
Workable: Applicant tracking system
JustLogin: Singapore payroll
For miscellaneous administrative work
Volopay: Singapore corporate payment cards
DocuSign: Signing contracts
For financial data
Bloomberg Terminal: Analytics
Some final thoughts
Selecting these tools has taken a significant amount of work, which is why we’ve chosen to publish this list. We hope it will save other firms time when they select software for their organisations.
This list is ever-evolving, and we hope to keep it up to date as we add new tools.
We’re looking forward to firms like Rippling entering the Singapore market soon. They sell many of these services bundled together, saving time in procurement and integration, but at the cost of vendor lock-in.
To anyone reading this post and thinking I’d rather not do this all myself, we recommend taking a look at:
Our friends at ShiftControl, a service for making SaaS management easier and more secure for small and medium businesses.
Our friend Patrick and his consulting firm FlexAble for bespoke advice and solutions.
We hope you’ve found this content helpful.
We’ll keep sharing what we learn, so please follow us on LinkedIn and subscribe to our newsletter.